为Apache配置socket.io和SSL / WSS
[英]Comfiguring Apache for socket.io and SSL / WSS
问题描述
As the title suggests, I'm trying to get Apache and Socket.io (node.js) to play nicely, especially on SSL. 
顾名思义,我正在尝试使Apache和Socket.io(node.js)正常运行,尤其是在SSL上。 Currently, the client app at https://www.example.com uses Socket.io over SSL to connect to the server at [SSL protocol]://socket.example.com/socket.io/?query_stuff*. 当前,位于https://www.example.com的客户端应用程序通过SSL使用Socket.io通过[SSL协议]://socket.example.com/socket.io/?query_stuff *连接到服务器。 The connection to wss:// always fails, so Socket.io degrades to https://, which works fine. 与wss://的连接始终会失败,因此Socket.io会降级为https://,这可以正常工作。 But I would like to take advantage of the websocket protocol and not rely on polling over http(s). 但是我想利用websocket协议,而不是依靠对http(s)的轮询。
Linux & Apache Linux和Apache
Server version: Apache/2.4.7 (Ubuntu) 服务器版本: Apache / 2.4.7(Ubuntu)
Relevant mods: mod_proxy, mod_proxy_http, mod_proxy_wstunnel, mod_rewrite, mod_ssl 相关的mod: mod_proxy,mod_proxy_http,mod_proxy_wstunnel,mod_rewrite,mod_ssl
Iptables: I have opened ports 80, 443, and 9000. iptables:我打开了端口80、443和9000。
VirtualHost: 虚拟主机:
I created a virtualhost on *:443 called socket.example.com . 我在*:443上创建了一个名为socket.example.com的虚拟主机。 It's intended purpose is to reverse proxy [wss,https]://socket.example.com/ to point to the socket.io server running at http://localhost:9000/ . 目的是为了使代理[wss,https]://socket.example.com/反向指向运行在http:// localhost:9000 /的socket.io服务器。 Here it is, with extraneous bits removed: 在这里,除去了多余的位:
<VirtualHost *:443>
ServerName socket.example.com
DocumentRoot /var/www/example/socket.io/
RewriteEngine On
RewriteCond %{REQUEST_URI} ^/socket.io [NC]
RewriteCond %{QUERY_STRING} transport=websocket [NC]
RewriteRule /(.*) wss://localhost:9000/$1 [P,L]
## I have also tried the following RewriteRules: ##
# RewriteRule /(.*) http://localhost:9000/$1 [P,L]
# RewriteRule /(.*) http://localhost:9000/socket.io/$1 [P,L]
SSLEngine on
SSLCertificateFile /etc/letsencrypt/live/www.example.com/fullchain.pem
SSLCertificateKeyFile /etc/letsencrypt/keys/0001_key-certbot.pem
SSLCACertificateFile /etc/letsencrypt/ca-bundle.pem
SSLProxyEngine On
ProxyRequests Off
ProxyPreserveHost On
ProxyVia Full
ProxyPass / http://localhost:9000/
ProxyPassReverse / http://localhost:9000/
</VirtualHost>
Success using PHP websockets over SSL 通过SSL成功使用PHP WebSockets
Before switching to node.js for my websocket server, I used the above Apache VirtualHost to successfully route wss://socket.example.com/ws_daemon.php to ws://localhost:9000/ws_daemon.php . 在切换到Websocket服务器的node.js之前,我使用了上面的Apache VirtualHost成功将wss://socket.example.com/ws_daemon.php路由到ws:// localhost:9000 / ws_daemon.php 。 In this scenario I 1. removed the rewrite rules and 2. changed the ProxyPass settings to: 在这种情况下,我1.删除了重写规则,并且2.将ProxyPass设置更改为:
ProxyPass / ws://localhost:9000/
ProxyPassReverse / ws://localhost:9000/
But the same logic does not seem to carry over to socket.io. 但是,相同的逻辑似乎并没有延续到socket.io。
At this point I've run out of ideas. 在这一点上,我已经没有想法了。 Any help would be greatly appreciated! 任何帮助将不胜感激!
1 个解决方案
解决方案1
0 2017-11-21 16:27:22
If you are using the <Location> block, you should add the following lines to it: 如果使用的是<Location>块,则应在其中添加以下几行:
RewriteEngine on
RewriteCond %{HTTP:UPGRADE} ^WebSocket$ [NC]
RewriteCond %{HTTP:CONNECTION} Upgrade$ [NC]
RewriteRule /socket.io/(.*) ws://localhost:3000/socket.io/$1 [P]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.